SO_BINDANY and pf divert
Julian Elischer
julian at elischer.org
Wed Jul 30 21:44:12 UTC 2008
Attila Nagy wrote:
> Hello,
>
> OpenBSD's relayd has grown a very useful transparent relay support,
> which means you can run a HTTP(S) reverse proxy transparently
> (maintaining the source IP, while you have a different TCP stream open
> from the proxy to the backend, even by terminating the SSL part and
> speaking clear text HTTP to the backends).
>
> For this (as far as I could figure out, while trying to make this newer
> relayd working on FreeBSD) two pieces are needed, which FreeBSD
> currently lacks:
> - the SO_BINDANY support (see
> http://marc.info/?l=openbsd-cvs&m=121030159009823&w=2 and
> http://www.openbsd.org/cgi-bin/man.cgi?query=setsockopt)
> - the pf part, which diverts the non-local packets to the given socket
> (see http://marc.info/?l=openbsd-cvs&m=121030115209292&w=2 and
> http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf)
well, ipfw can do that.
>
> After having those said, the question is obvious. :)
> Does anybody feel the need for these two in FreeBSD and have the
> competence and time to port them?
>
> Thanks,
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
More information about the freebsd-net
mailing list